hosted by liquidweb


Go Back   Web Hosting Talk : Web Hosting Main Forums : Hosting Security and Technology : How to trace the source of spoofed ip?
Reply

Forum Jump

How to trace the source of spoofed ip?

Reply Post New Thread In Hosting Security and Technology Subscription
 
Send news tip View All Posts Thread Tools Search this Thread Display Modes
  #1  
Old 09-02-2004, 11:12 AM
nowisph nowisph is offline
WHT Addict
 
Join Date: Apr 2004
Posts: 132

How to trace the source of spoofed ip?


I heard a command in Cisco core router (10000/12000) can do this, but that would take a lot of time waiting for DC to take action, can we trace the source of spoofed ip from our firewall/router?



Sponsored Links
  #2  
Old 09-02-2004, 11:40 AM
racksense racksense is offline
Web Hosting Guru
 
Join Date: Jul 2003
Location: London UK
Posts: 327
You can't. Since it is spoofed the header of the packet will be faked, there is no other information you can use.

The upstream provider will look to see what transit or peering exchange the packet(s) came via to work out where it was spoofed from, this process then has to go all the way along the route via each provider to eventually you find the source ISP.

__________________
Paul Civati
Rack Sense Ltd UK Managed Services Provider
Views expressed are my own and not those of the company.

  #3  
Old 09-02-2004, 11:51 AM
nowisph nowisph is offline
WHT Addict
 
Join Date: Apr 2004
Posts: 132
but aren't there a reverse traceroute method?

Sponsored Links
  #4  
Old 09-02-2004, 01:04 PM
racksense racksense is offline
Web Hosting Guru
 
Join Date: Jul 2003
Location: London UK
Posts: 327
The packet is spoofed! This means that the IP header has been fiddled with, this means the IP address on the packet header is different to where the packet actually originated. Traceroute to that IP will not give you the real answer as to the source.

__________________
Paul Civati
Rack Sense Ltd UK Managed Services Provider
Views expressed are my own and not those of the company.

Reply

Related posts from TheWhir.com
Title Type Date Posted
Open Source Collaboration Provider Open-Xchange Launches OX Spreadsheet Tool: WHD.global 2014 Web Hosting News 2014-04-01 11:18:13
New Rackspace Policy Encourages Employees to Contribute to Any Open Source Project Web Hosting News 2014-02-10 10:48:59
Prolexic Stops Massive DNS Reflection Attack Web Hosting News 2013-05-30 15:50:21
Rackspace Names Open Source Expert Van Lindberg VP of Intellectual Property Web Hosting News 2013-02-19 16:35:08
Cloud Software Firm Piston to Run Cloud Foundry PaaS on OpenStack Web Hosting News 2012-04-30 12:36:05


Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes
Postbit Selector

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off

Forum Jump
Login:
Log in with your username and password
Username:
Password:



Forgot Password?
Advertisement:
Web Hosting News:



 

X

Welcome to WebHostingTalk.com

Create your username to jump into the discussion!

WebHostingTalk.com is the largest, most influentual web hosting community on the Internet. Join us by filling in the form below.


(4 digit year)

Already a member?